IBM Guardium Multi-Cloud Data Protection

Feature spotlights

Automated discovery and classification

Automatically discover sensitive data from across your entire heterogeneous environment so that you can classify it and begin protecting it.

Automated analytics

Automatically analyze risks to sensitive data, from uncovering risky or suspicious user access patterns to uncovering malicious stored procedures or SQL injections, so that you can take action and safeguard sensitive data.

Vulnerability assessment

Scan data environments (databases, data warehouses, big data platforms) to detect vulnerabilities and suggest remedial actions. Identify exposures such as missing patches, weak passwords, unauthorized access and changes, misconfigured privileges, and other vulnerabilities, see full reports, and understand progress over time. Vulnerability assessment supports Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Database as a Service (DBaaS) environments.

Blocking, masking, redaction, alerting and quarantining

Protect sensitive data at rest and in motion in the manner that best meets the needs of your security policies. Apply static or dynamic data masking or redaction. Dynamically block user access to data, or quarantine suspicious user IDs. Send real time alerts to the security team for immediate follow-up on risky or unusual user behavior or access patterns.

Encryption and key management

Protects sensitive data from misuse, whether that data is in an on-premises environment or in a single cloud, multiple clouds, or hybrid cloud environments. Encrypts file and volume data while maintaining access control, and leverage key management for enhanced protection and centralized control of access keys.

Automated compliance and audit support

Aggregate and normalize audit data throughout the enterprise for compliance reporting, correlation, and forensics without requiring native database audit functions. Have audit-friendly data access audit trail supporting separation of duties, and benefit from customizable compliance workflow automation to generate and distribute reports for sign-off and escalation. Pre-packaged, regulation-specific 'accelerators' (such as the GDPR Accelerator) are also included.

Cloud-ready images for major cloud venders

Leverage fully tested and supported images for most major cloud venders. IBM can easily share these images to speed up deployment, so users may start protecting cloud data managed in Infrastructure as a Service (IaaS) environments.